authorJesse Morgan <jesse@jesterpm.net>2013-08-27 08:28:16 -0700
committerJesse Morgan <jesse@jesterpm.net>2013-08-27 08:28:16 -0700
commit1cdb43bb3e432040aed18c05e129f0131ee7d20a (patch)
treea4c5ad41d183b3874c990de0c5416d1810a1dc85 /src/com/p4square/grow/frontend/session
parent9b33aaf27cd8f73402ee9967c6b0fd76a90f8ebe (diff)
Introducing F1 Authentication and Adding Site Content.
This change introduced the f1oauth and jesterpm oauth packages for interacting with Fellowship One's developer API. I have also reworked the login authentication to verify credentials through F1 and added session management to track logged-in users. The Authenticator chain works as follows: on every page load we check for a session cookie; if the cookie exists, the Request is marked as authenticated and the OAuthUser object is restored in ClientInfo. If this request is going to an account page, we require authentication. The LoginFormAuthenticator checks if the user is already authenticated (via cookie) and, if not, redirects the user to the login page. When the login form is submitted, LoginFormAuthenticator catches the POST request and authenticates the user through F1. I'm also adding a new account page, but it is currently a work in progress. This commit also adds Allen's content to the site.
Diffstat (limited to 'src/com/p4square/grow/frontend/session')
-rw-r--r--src/com/p4square/grow/frontend/session/Session.java55
-rw-r--r--src/com/p4square/grow/frontend/session/SessionAuthenticator.java36
-rw-r--r--src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java38
-rw-r--r--src/com/p4square/grow/frontend/session/SessionCookieAuthenticator.java59
-rw-r--r--src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java45
-rw-r--r--src/com/p4square/grow/frontend/session/Sessions.java80
6 files changed, 313 insertions, 0 deletions
diff --git a/src/com/p4square/grow/frontend/session/Session.java b/src/com/p4square/grow/frontend/session/Session.java
new file mode 100644
index 0000000..3a241ef
--- /dev/null
+++ b/src/com/p4square/grow/frontend/session/Session.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend.session;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.restlet.security.User;
+
+/**
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class Session {
+ private static final long LIFETIME = 86400;
+
+ private final String mSessionId;
+ private final User mUser;
+ private final Map<String, String> mData;
+ private long mExpires;
+
+ Session(User user) {
+ mUser = user;
+ mSessionId = UUID.randomUUID().toString();
+ mExpires = System.currentTimeMillis() + LIFETIME;
+ mData = new HashMap<String, String>();
+ }
+
+ void touch() {
+ mExpires = System.currentTimeMillis() + LIFETIME;
+ }
+
+ boolean isExpired() {
+ return System.currentTimeMillis() > mExpires;
+ }
+
+ public String getId() {
+ return mSessionId;
+ }
+
+ public String get(String key) {
+ return mData.get(key);
+ }
+
+ public void put(String key, String value) {
+ mData.put(key, value);
+ }
+
+ public User getUser() {
+ return mUser;
+ }
+}
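Review bot: `LIFETIME = 86400` is added directly to `System.currentTimeMillis()` in the constructor and in `touch()`, so it is treated as milliseconds and a session expires roughly 86 seconds after its last use; 86400 looks like one day expressed in seconds. If a one-day lifetime is intended, declare it in milliseconds, `private static final long LIFETIME = 86400L * 1000L;`, and state the unit in a comment next to the constant. Separately, `mExpires` and the `HashMap` behind `mData` are accessed without synchronization although `Sessions` returns the same `Session` object to every request that presents the cookie; making `mExpires` `volatile` and backing `mData` with a concurrent map would cover concurrent requests from one browser.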
diff --git a/src/com/p4square/grow/frontend/session/SessionAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionAuthenticator.java
new file mode 100644
index 0000000..ac194af
--- /dev/null
+++ b/src/com/p4square/grow/frontend/session/SessionAuthenticator.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend.session;
+
+import org.restlet.Context;
+import org.restlet.Request;
+import org.restlet.Response;
+import org.restlet.security.Authenticator;
+import org.restlet.security.User;
+
+/**
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class SessionAuthenticator /*extends Authenticator*/ {
+ /*
+ @Override
+ protected boolean authenticate(Request request, Response response) {
+ // Check for authentication cookie
+ final String cookie = request.getCookies().getFirstValue(COOKIE_NAME);
+ if (cookie != null) {
+ cLog.debug("Got cookie: " + cookie);
+ // TODO Decrypt user info
+ User user = new User(cookie);
+ request.getClientInfo().setUser(user);
+ return true;
+ }
+
+ // Challenge the user if not authenticated
+ response.redirectSeeOther(mLoginPage);
+ return false;
+ }
+ */
+}
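Review bot: This file adds a class whose whole body is commented out, leaving an empty `SessionAuthenticator` and five unused imports in the tree. The commented code builds the `User` straight from the cookie value (`new User(cookie)`, with a `TODO Decrypt user info`), so if it were re-enabled as written the client would choose its own identity. Since the other authenticators in this package replace it with a server-side session lookup, I would drop the file from the commit, or at least replace the block with a short comment such as `// Superseded by SessionCookieAuthenticator; kept only as a placeholder.`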
diff --git a/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java
new file mode 100644
index 0000000..8382aff
--- /dev/null
+++ b/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend.session;
+
+import org.apache.log4j.Logger;
+
+import org.restlet.Context;
+import org.restlet.Request;
+import org.restlet.Response;
+import org.restlet.security.Authenticator;
+
+/**
+ * Authenticator which succeeds if a valid Session exists.
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class SessionCheckingAuthenticator extends Authenticator {
+ private static final Logger LOG = Logger.getLogger(SessionCheckingAuthenticator.class);
+
+ public SessionCheckingAuthenticator(Context context, boolean optional) {
+ super(context, optional);
+ }
+
+ protected boolean authenticate(Request request, Response response) {
+ Session s = Sessions.getInstance().get(request);
+
+ if (s != null) {
+ request.getClientInfo().setUser(s.getUser());
+ return true;
+
+ } else {
+ return false;
+ }
+ }
+
+}
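Review bot: `authenticate` has no Javadoc and no `@Override`, and `LOG` is declared but never used in this class; the same applies to `authenticate` in SessionCookieAuthenticator and SessionCreatingAuthenticator (where `LOG` is also unused). It is also worth documenting that a successful check renews the session, because `Sessions.get` calls `touch()` on every hit: `/** Succeeds when the request carries the cookie of a live session; the lookup also extends that session's expiry. */`. With an `optional` authenticator, a request with a missing or expired session simply continues unauthenticated, which deserves a sentence in the class comment.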
diff --git a/src/com/p4square/grow/frontend/session/SessionCookieAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionCookieAuthenticator.java
new file mode 100644
index 0000000..789f58e
--- /dev/null
+++ b/src/com/p4square/grow/frontend/session/SessionCookieAuthenticator.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend.session;
+
+import org.apache.log4j.Logger;
+
+import org.restlet.Context;
+import org.restlet.Request;
+import org.restlet.Response;
+import org.restlet.security.Authenticator;
+
+/**
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class SessionCookieAuthenticator extends Authenticator {
+ private static final Logger LOG = Logger.getLogger(SessionCookieAuthenticator.class);
+
+ private static final String COOKIE_NAME = "S";
+
+ private final Sessions mSessions;
+
+ public SessionCookieAuthenticator(Context context, boolean optional, Sessions sessions) {
+ super(context, optional);
+
+ mSessions = sessions;
+ }
+
+ protected boolean authenticate(Request request, Response response) {
+ final String cookie = request.getCookies().getFirstValue(COOKIE_NAME);
+
+ if (request.getClientInfo().isAuthenticated()) {
+ // Request is already authenticated... create session if it doesn't exist.
+ if (cookie == null) {
+ Session s = mSessions.create(request.getClientInfo().getUser());
+ response.getCookieSettings().add(COOKIE_NAME, s.getId());
+ }
+
+ return true;
+
+ } else {
+ // Check for authentication cookie
+ if (cookie != null) {
+ LOG.debug("Got cookie: " + cookie);
+
+ Session s = mSessions.get(cookie);
+ if (s != null) {
+ request.getClientInfo().setUser(s.getUser());
+ return true;
+ }
+ }
+
+ return false;
+ }
+ }
+
+}
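Review bot: `LOG.debug("Got cookie: " + cookie)` writes the session id to the log, and that id is the only thing a client needs to present to be treated as the logged-in user, so anyone who can read debug logs can reuse a live session; log only that a cookie was present. The cookie itself is added with just a name and value, so it carries neither the Secure nor the HttpOnly attribute; the same call appears in `Sessions.create(Request, Response)`. The sketch below uses `org.restlet.data.CookieSetting` and assumes the site is served over HTTPS. Note also that the already-authenticated branch tests `cookie == null`, so a request that arrives with a stale or unknown cookie never gets a fresh session.

```java
protected boolean authenticate(Request request, Response response) {
    // … unchanged: cookie lookup and isAuthenticated() check …
            Session s = mSessions.create(request.getClientInfo().getUser());
            CookieSetting sessionCookie = new CookieSetting(COOKIE_NAME, s.getId());
            sessionCookie.setSecure(true);            // only sent over HTTPS
            sessionCookie.setAccessRestricted(true);  // HttpOnly: not readable from page scripts
            response.getCookieSettings().add(sessionCookie);
    // … unchanged: return true, start of the else branch …
            LOG.debug("Session cookie present");      // never log the id itself
    // … unchanged: session lookup and return values …
```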
diff --git a/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java
new file mode 100644
index 0000000..ce6024c
--- /dev/null
+++ b/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend.session;
+
+import org.apache.log4j.Logger;
+
+import org.restlet.Context;
+import org.restlet.Request;
+import org.restlet.Response;
+import org.restlet.security.Authenticator;
+import org.restlet.security.User;
+
+/**
+ * Authenticator which creates a Session for the request and adds a cookie
+ * to the response.
+ *
+ * The Request MUST be Authenticated and MUST have a User object associated.
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class SessionCreatingAuthenticator extends Authenticator {
+ private static final Logger LOG = Logger.getLogger(SessionCreatingAuthenticator.class);
+
+ public SessionCreatingAuthenticator(Context context) {
+ super(context, true);
+ }
+
+ protected boolean authenticate(Request request, Response response) {
+ if (Sessions.getInstance().get(request) != null) {
+ return true;
+ }
+
+ User user = request.getClientInfo().getUser();
+
+ if (request.getClientInfo().isAuthenticated() && user != null) {
+ Sessions.getInstance().create(request, response);
+ return true;
+ }
+
+ return false;
+ }
+
+}
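Review bot: The early `return true` at the top of `authenticate` accepts any live session found by cookie without checking that it belongs to the user who was just authenticated, and without checking `isAuthenticated()` at all, although the class comment says the request MUST be authenticated. If a browser still holds another account's session cookie when a login succeeds, the old session appears to be kept and later requests would be attributed to its user; whether the chain can reach this point in that state depends on code outside this diff. Reading `user` first and returning early only when the existing session's `getUser().getIdentifier()` matches, otherwise creating a new session, would also give every successful login a fresh session id.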
diff --git a/src/com/p4square/grow/frontend/session/Sessions.java b/src/com/p4square/grow/frontend/session/Sessions.java
new file mode 100644
index 0000000..094d2f0
--- /dev/null
+++ b/src/com/p4square/grow/frontend/session/Sessions.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend.session;
+
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.Map;
+
+import org.restlet.Response;
+import org.restlet.Request;
+import org.restlet.security.User;
+
+/**
+ * Singleton Session Manager.
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class Sessions {
+ private static final String COOKIE_NAME = "S";
+
+ private static final Sessions THE = new Sessions();
+ public static Sessions getInstance() {
+ return THE;
+ }
+
+ private final Map<String, Session> mSessions;
+
+ private Sessions() {
+ mSessions = new ConcurrentHashMap<String, Session>();
+ }
+
+ public Session get(String sessionid) {
+ Session s = mSessions.get(sessionid);
+
+ if (s != null && !s.isExpired()) {
+ s.touch();
+ return s;
+ }
+
+ return null;
+ }
+
+ /**
+ * Get the Session associated with the Request.
+ * @return A session or null if no session is found.
+ */
+ public Session get(Request request) {
+ final String cookie = request.getCookies().getFirstValue(COOKIE_NAME);
+
+ if (cookie != null) {
+ return get(cookie);
+ }
+
+ return null;
+ }
+
+ public Session create(User user) {
+ if (user == null) {
+ throw new IllegalArgumentException("Can not create session for null user.");
+ }
+
+ Session s = new Session(user);
+ mSessions.put(s.getId(), s);
+
+ return s;
+ }
+
+ /**
+ * Create a new Session and add the Session cookie to the response.
+ */
+ public Session create(Request request, Response response) {
+ Session s = create(request.getClientInfo().getUser());
+
+ request.getCookies().add(COOKIE_NAME, s.getId());
+ response.getCookieSettings().add(COOKIE_NAME, s.getId());
+
+ return s;
+ }
+}
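Review bot: Expired sessions are never removed from `mSessions`: `get(String)` returns `null` for an expired entry but leaves it in the map, and nothing else deletes entries, so the map grows for the life of the process. Removing the entry on the expired path, `if (s != null) { mSessions.remove(sessionid); }` before `return null;`, handles sessions that are presented again; abandoned ones still need a periodic sweep. There is also no way to invalidate a session on logout; a small `public void remove(String sessionid)` would give the login code something to call. `COOKIE_NAME` is duplicated here and in SessionCookieAuthenticator, so the two can drift apart; one shared constant would avoid that.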